Bloodhound.Exploit.54 bundled with I.E.beta7 ??

Bloodhound.Exploit.54 bundled with I.E.beta7 ??
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Bloodhound.Exploit.54 bundled with I.E.beta7 ?? 3-6ixty 06-03-2006
Posted by =?Utf-8?B?My02aXh0eQ==?= on June 3, 2006, 2:43 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Immediately after installing I.E.beta7, Norton reported an instance of
Bloodhound.Exploit.54 in C\Windows$Uninstallie7$\reg00945

Any comments from any quarter ???


Posted by Malke on June 3, 2006, 2:46 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
3-6ixty wrote:

> Immediately after installing I.E.beta7, Norton reported an instance of
> Bloodhound.Exploit.54 in C\Windows$Uninstallie7$\reg00945
>
> Any comments from any quarter ???

Check in the newsgroup for the beta IE7:
microsoft.public.internetexplorer.general

Malke
--
MS-MVP Windows Shell/User
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic"

Posted by David H. Lipman on June 3, 2006, 2:56 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| Immediately after installing I.E.beta7, Norton reported an instance of
| Bloodhound.Exploit.54 in C\Windows$Uninstallie7$\reg00945
|
| Any comments from any quarter ???

BloodHound is Symantec/Norton's name for a Heuristic detection.

In this case it is Exploit type 54.

The first thing I have to ask is WHY you are installing Beta software ? Are you
a paid Beta
Tester ?
If not, are you installing this on a purely test PC or on a production PC ?

In any case...
http://securityresponse.symantec.com/avcenter/venc/data/bloodhound.exploit.54.html

"Bloodhound.Exploit.54 is a heuristic detection for the Microsoft Internet
Explorer
JavaScript Window Vulnerability and the Mismatched Document Object Model Objects
Memory
Corruption Vulnerability (described in Microsoft Security Bulletin MS05-054)."

Chances are this is a False positive declaration. Why would Microsoft create an
exploit for
a vulnerability they themselves describe in MS05-054 and fixed by KB905915 --
http://www.microsoft.com/technet/security/Bulletin/MS05-054.mspx ?


I strongly suggest submitting; C\Windows$Uninstallie7$\reg00945 to Symantec
with the
explanation that this may be a False Positive declaration.

Either via;
mailto:avsubmit@symantec.com?subject=False%20Positive
or
https://submit.symantec.com/gold/


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Similar ThreadsPosted
Re: Zero-day IE exploit... November 23, 2005, 7:13 am
Zero-day IE exploit... November 22, 2005, 7:46 pm
Possible new exploit... Have you seen these? April 26, 2006, 2:03 pm
Re: Where is the IE zero day exploit in the news... November 27, 2005, 2:12 pm
Why was IE6 vulnerable to the wmf exploit? January 5, 2006, 7:45 pm
Dcom Exploit May 16, 2008, 2:14 pm
My machine was compromised via mshta.exe. Is this a new exploit? July 28, 2006, 9:28 pm
XP security exploit causes BSOD - when will patch be released? July 7, 2005, 1:37 pm
Reporting cross-platform possible exploit vulnerability November 25, 2005, 11:45 am
Unknown exploit - Boot.ini/Windows shares February 20, 2006, 5:05 am

The site map in XML format XML site map

Contact Us | Privacy Policy